Unaudited! Not Just A China Problem So How Do We Address It?

It’s sexier for the media to focus on audit failures by inscrutable China-based Big Four audit firms than the general failure of auditors all over the world to protect investors from fraud. Pundits, professors and pedants have proposed all sorts of solutions to the problem of China’s grip on the workpapers of Chinese audit firms and China’s unwillingness to allow independent inspections by the PCAOB of those audit firms.

Some suggestions that have been made:

1. The SEC can delist all Chinese companies that obtained a U.S. exchange listing via a reverse merger and require them to re-file a full listing request. If the company can’t meet the thresholds for an audit by an audit firm registered with the PCAOB, the listing would not be approved. (Only problem with this suggestion is it’s unfair to single out Chinese companies, in spite of rampant fraud, when so many other companies have used a reverse merger over the years to bypass a full public listing application with the SEC. Perhaps every company that bypassed a full registration process should go through an SEC review process with the threat of de-listing if it can’t met the audit scope thresholds.)

2. The PCAOB can de-register all Chinese member audit firms – and member firms of the global audit networks in all countries where inspections are still prohibited – thereby automatically invalidating the audits and the exchange listings of any U.S. listed companies audited by these firms. (This won’t happen this way because of the extreme market disruption, but perhaps the SEC can review some new mandated disclosures that will reveal where companies have significant portions of an audit signed by a U.S. firm but actually performed by an audit firms that can’t be inspected by the PCAOB. Over time, firms have to either bring the operations under the audit scope threshold or move the listing with the threat of eventual de-listing if compliance is not reached.)

3. The PCAOB can disqualify Chinese member audit firms that can’t be inspected from auditing China-based U.S. listings (thereby disqualifying those companies’ U.S. exchange listing) but allow the registration of the Chinese audit firms for the purpose of auditing U.S. listed non-Chinese multinationals. The ‘joint’ inspections proposed by China would be considered sufficient for audit opinions where a Chinese member audit firm only played a “substantial role” in the audit of a multinational company with operations in China. (In my opinion, this is a double-standard which is unjust and unworkable.)

4. Split up the audits of China-based companies with U.S. listings and multinationals with operations material enough to require a “substantial role” played by a Chinese audit firm. The idea is to reduce the “Chinese exposure” below the “substantial role” threshold, thereby circumventing the 20% of fees or 20% of assets or revenues threshold in the standard.

This last option, discussed by Professor Paul Gillis – a PCAOB SAG member – on his China Accounting Blog is incredible in its cunning and an embarrassing regulatory arbitrage that seriously undermines investor protections. Unaudited exposure should be measured at the country level as well at the firm level. Even though any one audit firm in China may not play a “substantial role” after you split up the work, a “substantial role” in the audit is still played by a group of audit firms in a country where those firms can not be inspected by the PCAOB.

The first step, in my opinion, in addressing this seemingly untenable problem in China – one the SEC and PCAOB got themselves into – is for the SEC to issue emergency rules mandating disclosure by issuers of unaudited exposure all over the world.

The SEC has already strongly encouraged companies to make these disclosures but almost no one is taking them up on it. Santander, which has U.S. ADRs and is based in Spain, is the only company where I have seen a disclosure of a “substantial role” audit exposure for a country the PCAOB can’t inspect. There may be more and I encourage readers to tell me if they have seen any. Mandated disclosure of such exposure is long overdue and would finally tell the truth:

“This is the situation we’re in. The SEC and PCAOB can’t protect you right now. Buyer beware.”

Thank goodness the PCAOB is making progress in other countries where fraud keeps happening and the PCAOB was unable, until recently, to inspect the audit firms.

Like Germany and the UK.

No one ever talked about delisting all the German and U.K. companies listed on U.S. exchanges just because the German and U.K. member audit firms of the Big Four had never been inspected by the PCAOB. No one talked about de-registering German or U.K. Big Four member audit firms while Germany, like many other EU countries, and the U.K. prohibited PCAOB inspections on a sovereignty or secrecy basis. Granted, regulatory oversight of the audit firms in the U.K. and Germany is considered to be more robust than in China, for example.

Thank goodness the PCAOB recently signed agreements with both Germany and the U.K.. Inspections have commenced, according to the PCAOB.

Allianz, audited by KPMG Germany since 1986, voluntarily delisted its ADRs from the NYSE in 2009. A few days ago the SEC announced charges against Allianz for violating the books and records and internal controls provisions of the Foreign Corrupt Practices Act (FCPA). The company made improper payments to government officials in Indonesia between 2001-2008. Allianz agreed to pay more than $12.3 million to settle the charges.

“Allianz’s subsidiary created an ‘off-the-books’ account that served as a slush fund for bribe payments to foreign officials to win insurance contracts worth several million dollars,” said Kara Brockmeyer, Chief of the SEC Enforcement Division’s FCPA Unit.

Two complaints, according to the SEC’s press release, brought the misconduct to Allianz’s attention. “The first complaint submitted in 2005 reported unsupported payments to agents, and a subsequent audit of accounting records at Allianz’s subsidiary in Indonesia uncovered that managers were using “special purpose accounts” to make illegal payments to government officials in order to secure business in Indonesia. The misconduct continued in spite of that audit.”

According to the SEC’s order, the second complaint was made to Allianz’s external auditor, KPMG Germany, in 2009. KPMG Germany continues to be the Allianz auditor. (KPMG’s member firm in Indonesia, Siddharta & Widjaja, is not registered with the PCAOB.) It’s no wonder that Allianz decided to get out from under the SEC and DOJ’s authority and delist once KPMG was unavoidably aware of the illegal acts in 2009.

(I do wonder…Did KPMG-Germany make a Section 10A report to the SEC when the illegal behavior continued for four years after the company knew about the illegal payments?)

KPMG used to be the auditor of another German incorrigible, Siemens. Siemens still holds the record for the largest FCPA fine ever. Siemens switched auditors to Ernst & Young Germany in 2008, shortly after its massive corruption and bribery issue was resolved.

KPMG Germany is the dominant Big Four audit firm in Germany and audits three U.S. listed German companies – Deutsche Bank, SAP, and Fresenius Medical Care AG. KPMG Germany is registered with the PCAOB but never inspected until now, after the recent agreement was signed. If past timing is any indication of the future, inspection reports for inspections occurring this year for last year’s audits will be available sometime next year. We’ll see then if the PCAOB thinks the Big Four firms in Germany could have warned or mitigated numerous issues at Deutsche Bank, for example.

Given the number of KPMG U.S. audit clients with significant operations in Germany, it’s likely KPMG Germany plays a “substantial role” in those audits, too.

But we can’t easily figure that out.

KPMG audit client Deutsche Bank, a chronic problem child, provides an example of the limitations of existing SEC disclosures of audit coverage, PCAOB inspection reach, and the enforcement of existing U.S. audit standards for non-U.S. based audits even in first world countries.

Some of Deutsche Bank’s recent sins:

Co-CEO Juergen Fitschen and CFO Stefan Krause are targets of a tax evasion probe by the German government.

Deutsche Bank is under investigation in the U.S. and the U.K. for manipulating Libor interest rate benchmarks.

This past May the U.S. Justice Department filed suit against the bank for “recklessly” lying about the quality of mortgage loans between 1999 and 2009 that were guaranteed by the U.S. government via its MortgageIT subsidiary, a “direct endorsement lender” that could approve FHA insurance for those mortgages.

Deutsche Bank is a repeat offender. In 2010 it signed a non-prosecution agreement with the Department of Justice that is still in force, promising not to break the law again after being caught for tax shelter abuses.

Did KPMG U.S. play a “substantial role” in the audit of Deutsche Bank’s U.S. operations for an opinion signed by KPMG Germany? (And did KPMG Germany or another Big Four German audit firm play a “substantial role” in a U.S. based multinational audit?)

Maybe the PCAOB can look at whether the U.S. auditors missed the fraud and illegal acts the SEC and DOJ are fining and suing Deutsche Bank about. The PCAOB annual report for KPMG US – or KPMG Germany – can’t help the rest of us make that determination. Audit firms must list on the annual report any listed companies where they have issued audit reports in the past year. If the firm lists reports for issuers, it need not list the companies where it played a “substantial role”.

It would have been nice to see both sides for Chinese or U.K. listed firms, too, for example, so investors would all know if there were any U.S. listed multinationals for which a Chinese or U.K. firm played a “substantial role” or vice versa. According to PCAOB audit standards, to sign off on a U.S. audit opinion, a U.S. firm would have to supervise and review the work of the Chinese – or German or U.K. – auditors.

I have discussed this challenge with regard to the U.S. audit opinions for U.S. based casinos where much of the revenue and assets are now based in Macau and audited in Hong Kong. Hong Kong, like China, is also inaccessible to the PCAOB inspectors. China makes it difficult for non-China based audit partners – or U.S. regulators -to review China or Hong Kong workpapers due to “secrecy” laws. Do other countries concerns about privacy and sovereignty also make it difficult for U.S. audit partners to adequately supervise and review the work of foreign auditors?

KPMG, Ernst & Young and Deloitte in Germany all issue audit reports for German companies that are U.S. listed issuers. However, the extent of the German firms’ “substantial role” in supporting audits of German operations of U.S. based audits is not publicly known. PwC Germany, however, does not issue any audit opinions for U.S. based issuers but instead bills its U.S. partners to support several big name multinational audits. For that reason, the audits PwC Germany plays a “substantial role” in on behalf of the U.S. are listed in its annual report to the PCAOB.

(p)(ii) Play a Substantial Role in the Preparation or Furnishing of an Audit Report

The phrase “play a substantial role in the preparation or furnishing of an audit report” means –

-1 to perform material services that a public accounting firm uses or relies on in issuing all or part of its audit report with respect to any issuer, or

-2 to perform the majority of the audit procedures with respect to a subsidiary or component of any issuer the assets or revenues of which constitute 20% or more of the consolidated assets or revenues of such issuer necessary for the principal accountant to issue an audit report on the issuer.

Note 1: For purposes of paragraph (1) of this definition, the term “material services” means services, for which the engagement hours or fees constitute 20% or more of the total engagement hours or fees, respectively, provided by the principal accountant in connection with the issuance of all or part of its audit report with respect to any issuer. The term does not include non-audit services provided to non-audit clients.

Note 2: For purposes of paragraph (2) of this definition, the phrase “subsidiary or component” is meant to include any subsidiary, division, branch, office or other component of an issuer, regardless of its form of organization and/or control relationship with the issuer.

Note 3: For purposes of determining “20% or more of the consolidated assets or revenues” under paragraph (2) of this Rule, this determination should be made at the beginning of the issuer’s fiscal year using prior year information and should be made only once during the issuer’s fiscal year.

Interesting article. I must say that I do not understand how the SEC and PCAOB got into this problem themselves (the link in the article is a dead-end). While I agree with the four options detailed above, I am skeptical that the current environment is one they could have prevented with earlier action.

Subscribe to my feed by email

Search

Browse Archives

About the author

Francine McKenna (@retheauditors) is the Transparency Reporter at MarketWatch.com, a Dow Jones publication, where her work is also featured frequently in the Wall Street Journal. McKenna had more than twenty-five years of experience in consulting and professional services including tenure at two Big 4 firms, both in the US and abroad before becoming a journalist. Look for her prior columns, "Accounting Watchdog" at Forbes.com and "Accountable" at American Banker. For more information, click "About" at the bottom of this page. For more information contact Francine McKenna, fmckenna@mckennapartners.com